Merge branch 'master' of github.com:wso2/carbon-device-mgt

revert-70aa11f8
Chatura Dilan 8 years ago
commit 046cd6586c

@ -36,11 +36,14 @@ import org.wso2.carbon.apimgt.webapp.publisher.config.PermissionManagementExcept
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
import javax.ws.rs.*; import javax.ws.rs.*;
import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.lang.annotation.Annotation; import java.lang.annotation.Annotation;
import java.lang.reflect.InvocationHandler; import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method; import java.lang.reflect.Method;
import java.lang.reflect.Proxy; import java.lang.reflect.Proxy;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL; import java.net.URL;
import java.security.AccessController; import java.security.AccessController;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
@ -85,16 +88,13 @@ public class AnnotationProcessor {
* @throws IOException * @throws IOException
*/ */
public Set<String> scanStandardContext(String className) throws IOException { public Set<String> scanStandardContext(String className) throws IOException {
AnnotationDB db = new AnnotationDB(); ExtendedAnnotationDB db = new ExtendedAnnotationDB();
db.addIgnoredPackages(PACKAGE_ORG_APACHE); db.addIgnoredPackages(PACKAGE_ORG_APACHE);
db.addIgnoredPackages(PACKAGE_ORG_CODEHAUS); db.addIgnoredPackages(PACKAGE_ORG_CODEHAUS);
db.addIgnoredPackages(PACKAGE_ORG_SPRINGFRAMEWORK); db.addIgnoredPackages(PACKAGE_ORG_SPRINGFRAMEWORK);
URL[] libPath = WarUrlFinder.findWebInfLibClasspaths(servletContext); URL classPath = findWebInfClassesPath(servletContext);
URL classPath = WarUrlFinder.findWebInfClassesPath(servletContext); db.scanArchives(classPath);
URL[] urls = (URL[]) ArrayUtils.add(libPath, libPath.length, classPath);
db.scanArchives(urls);
//Returns a list of classes with given Annotation //Returns a list of classes with given Annotation
return db.getAnnotationIndex().get(className); return db.getAnnotationIndex().get(className);
@ -387,4 +387,28 @@ public class AnnotationProcessor {
} }
} }
/**
* Find the URL pointing to "/WEB-INF/classes" This method may not work in conjunction with IteratorFactory
* if your servlet container does not extract the /WEB-INF/classes into a real file-based directory
*
* @param servletContext
* @return null if cannot determin /WEB-INF/classes
*/
public static URL findWebInfClassesPath(ServletContext servletContext)
{
String path = servletContext.getRealPath("/WEB-INF/classes");
if (path == null) return null;
File fp = new File(path);
if (fp.exists() == false) return null;
try
{
URI uri = fp.toURI();
return uri.toURL();
}
catch (MalformedURLException e)
{
throw new RuntimeException(e);
}
}
} }

@ -0,0 +1,92 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import org.scannotation.AnnotationDB;
import org.scannotation.archiveiterator.Filter;
import org.scannotation.archiveiterator.StreamIterator;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
public class ExtendedAnnotationDB extends AnnotationDB {
public ExtendedAnnotationDB() {
super();
}
public void scanArchives(URL... urls) throws IOException {
URL[] arr$ = urls;
int len$ = urls.length;
for(int i$ = 0; i$ < len$; ++i$) {
URL url = arr$[i$];
Filter filter = new Filter() {
public boolean accepts(String filename) {
if(filename.endsWith(".class")) {
if(filename.startsWith("/") || filename.startsWith("\\")) {
filename = filename.substring(1);
}
if(!ExtendedAnnotationDB.this.ignoreScan(filename.replace('/', '.'))) {
return true;
}
}
return false;
}
};
StreamIterator it = ExtendedIteratorFactory.create(url, filter);
InputStream stream;
while((stream = it.next()) != null) {
this.scanClass(stream);
}
}
}
private boolean ignoreScan(String intf) {
String[] arr$;
int len$;
int i$;
String ignored;
if(this.scanPackages != null) {
arr$ = this.scanPackages;
len$ = arr$.length;
for(i$ = 0; i$ < len$; ++i$) {
ignored = arr$[i$];
if(intf.startsWith(ignored + ".")) {
return false;
}
}
return true;
} else {
arr$ = this.ignoredPackages;
len$ = arr$.length;
for(i$ = 0; i$ < len$; ++i$) {
ignored = arr$[i$];
if(intf.startsWith(ignored + ".")) {
return true;
}
}
return false;
}
}
}

@ -0,0 +1,34 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import org.scannotation.archiveiterator.*;
import java.io.File;
import java.io.IOException;
import java.net.URL;
public class ExtendedFileProtocolIteratorFactory implements DirectoryIteratorFactory {
private static final String ENCODING_SCHEME = "UTF-8";
@Override
public StreamIterator create(URL url, Filter filter) throws IOException {
File f = new File(java.net.URLDecoder.decode(url.getPath(), ENCODING_SCHEME));
return f.isDirectory()?new FileIterator(f, filter):new JarIterator(url.openStream(), filter);
}
}

@ -0,0 +1,54 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import org.scannotation.archiveiterator.DirectoryIteratorFactory;
import org.scannotation.archiveiterator.Filter;
import org.scannotation.archiveiterator.JarIterator;
import org.scannotation.archiveiterator.StreamIterator;
import java.io.IOException;
import java.net.URL;
import java.util.concurrent.ConcurrentHashMap;
public class ExtendedIteratorFactory {
private static final ConcurrentHashMap<String, DirectoryIteratorFactory> registry = new ConcurrentHashMap();
public static StreamIterator create(URL url, Filter filter) throws IOException {
String urlString = url.toString();
if(urlString.endsWith("!/")) {
urlString = urlString.substring(4);
urlString = urlString.substring(0, urlString.length() - 2);
url = new URL(urlString);
}
if(!urlString.endsWith("/")) {
return new JarIterator(url.openStream(), filter);
} else {
DirectoryIteratorFactory factory = registry.get(url.getProtocol());
if(factory == null) {
throw new IOException("Unable to scan directory of protocol: " + url.getProtocol());
} else {
return factory.create(url, filter);
}
}
}
static {
registry.put("file", new ExtendedFileProtocolIteratorFactory());
}
}

@ -1,8 +1,23 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans; package org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans;
/**
* Created by hasunie on 5/26/16.
*/
public class EnrollmentCertificate { public class EnrollmentCertificate {
String serial; String serial;
String pem; String pem;

@ -9,8 +9,8 @@ import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificat
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.DeviceMgtAPIUtils; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.DeviceMgtAPIUtils;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.RequestValidationUtil; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.RequestValidationUtil;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse; import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
@ -76,7 +76,7 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
try { try {
certificateResponse = certificateService.searchCertificates(serialNumber); certificateResponse = certificateService.searchCertificates(serialNumber);
return Response.status(Response.Status.OK).entity(certificateResponse).build(); return Response.status(Response.Status.OK).entity(certificateResponse).build();
} catch (CertificateManagementDAOException e) { } catch (CertificateManagementException e) {
String msg = "Error occurred while converting PEM file to X509Certificate"; String msg = "Error occurred while converting PEM file to X509Certificate";
log.error(msg, e); log.error(msg, e);
throw new UnexpectedServerErrorException( throw new UnexpectedServerErrorException(
@ -106,7 +106,7 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
certificates.setCount(result.getRecordsTotal()); certificates.setCount(result.getRecordsTotal());
certificates.setList((List<CertificateResponse>) result.getData()); certificates.setList((List<CertificateResponse>) result.getData());
return Response.status(Response.Status.OK).entity(certificates).build(); return Response.status(Response.Status.OK).entity(certificates).build();
} catch (CertificateManagementDAOException e) { } catch (CertificateManagementException e) {
String msg = "Error occurred while fetching all certificates."; String msg = "Error occurred while fetching all certificates.";
log.error(msg, e); log.error(msg, e);
throw new UnexpectedServerErrorException( throw new UnexpectedServerErrorException(
@ -128,7 +128,7 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
} }
return Response.status(Response.Status.OK).entity("Certificate that carries the serial number '" + return Response.status(Response.Status.OK).entity("Certificate that carries the serial number '" +
serialNumber + "' has been removed").build(); serialNumber + "' has been removed").build();
} catch (CertificateManagementDAOException e) { } catch (CertificateManagementException e) {
String msg = "Error occurred while converting PEM file to X509Certificate"; String msg = "Error occurred while converting PEM file to X509Certificate";
log.error(msg, e); log.error(msg, e);
throw new UnexpectedServerErrorException( throw new UnexpectedServerErrorException(

@ -18,11 +18,11 @@
package org.wso2.carbon.certificate.mgt.core.dao; package org.wso2.carbon.certificate.mgt.core.dao;
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse; import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.device.mgt.common.PaginationRequest; import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult; import org.wso2.carbon.device.mgt.common.PaginationResult;
import java.io.ByteArrayInputStream;
import java.util.List; import java.util.List;
/** /**
@ -37,8 +37,9 @@ public interface CertificateDAO {
* *
* @param certificate Holds the certificate and relevant details. * @param certificate Holds the certificate and relevant details.
* @throws CertificateManagementDAOException * @throws CertificateManagementDAOException
*
*/ */
void addCertificate(List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificate) void addCertificate(List<Certificate> certificate)
throws CertificateManagementDAOException; throws CertificateManagementDAOException;
/** /**
@ -47,31 +48,37 @@ public interface CertificateDAO {
* @param serialNumber Serial number of the certificate. * @param serialNumber Serial number of the certificate.
* @return representation of the certificate. * @return representation of the certificate.
* @throws CertificateManagementDAOException * @throws CertificateManagementDAOException
*
*/ */
org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse retrieveCertificate(String serialNumber CertificateResponse retrieveCertificate(String serialNumber) throws CertificateManagementDAOException;
) throws CertificateManagementDAOException;
/** /**
* Get all the certificates in a paginated manner. * Get all the certificates in a paginated manner.
*
* @param request Request mentioning pagination details such as length and stating index. * @param request Request mentioning pagination details such as length and stating index.
* @return Pagination result with data and the count of results. * @return Pagination result with data and the count of results.
* @throws CertificateManagementDAOException * @throws CertificateManagementDAOException
*
*/ */
PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementDAOException; PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementDAOException;
/** /**
* Get all the certificates. * Get all the certificates.
*
* @return List of certificates * @return List of certificates
* @throws CertificateManagementDAOException * @throws CertificateManagementDAOException
*
*/ */
public List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException; public List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException;
/** /**
* Delete a certificate identified by a serial number() * Delete a certificate identified by a serial number()
*
* @param serialNumber serial number * @param serialNumber serial number
* @return whether the certificate was removed or not. * @return whether the certificate was removed or not.
*/ */
boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException; boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException;
public List<CertificateResponse> searchCertificate(String serialNumber) throws CertificateManagementDAOException; public List<CertificateResponse> searchCertificate(String serialNumber) throws CertificateManagementDAOException;
} }

@ -59,7 +59,7 @@ public class CertificateManagementDAOFactory {
try { try {
databaseEngine = dataSource.getConnection().getMetaData().getDatabaseProductName(); databaseEngine = dataSource.getConnection().getMetaData().getDatabaseProductName();
} catch (SQLException e) { } catch (SQLException e) {
log.error("Error occurred while retrieving config.datasource connection", e); log.error("Error occurred while retrieving a datasource connection", e);
} }
} }
@ -72,11 +72,22 @@ public class CertificateManagementDAOFactory {
} }
try { try {
conn = dataSource.getConnection(); conn = dataSource.getConnection();
} catch (SQLException e) {
throw new TransactionManagementException("Error occurred while retrieving a data source connection", e);
}
try {
conn.setAutoCommit(false); conn.setAutoCommit(false);
currentConnection.set(conn);
} catch (SQLException e) { } catch (SQLException e) {
throw new TransactionManagementException("Error occurred while retrieving config.datasource connection", e); try {
conn.close();
} catch (SQLException e1) {
log.warn("Error occurred while closing the borrowed connection. " +
"Transaction has ended pre-maturely", e1);
} }
throw new TransactionManagementException("Error occurred while setting auto-commit to false", e);
}
currentConnection.set(conn);
} }
public static void openConnection() throws SQLException { public static void openConnection() throws SQLException {
@ -111,6 +122,8 @@ public class CertificateManagementDAOFactory {
conn.commit(); conn.commit();
} catch (SQLException e) { } catch (SQLException e) {
log.error("Error occurred while committing the transaction", e); log.error("Error occurred while committing the transaction", e);
} finally {
closeConnection();
} }
} }
@ -125,6 +138,8 @@ public class CertificateManagementDAOFactory {
conn.rollback(); conn.rollback();
} catch (SQLException e) { } catch (SQLException e) {
log.warn("Error occurred while roll-backing the transaction", e); log.warn("Error occurred while roll-backing the transaction", e);
} finally {
closeConnection();
} }
} }
@ -138,7 +153,7 @@ public class CertificateManagementDAOFactory {
try { try {
conn.close(); conn.close();
} catch (SQLException e) { } catch (SQLException e) {
log.warn("Error occurred while close the connection"); log.warn("Error occurred while close the connection", e);
} }
currentConnection.remove(); currentConnection.remove();
} }

@ -674,10 +674,7 @@ public class CertificateGenerator {
} catch (TransactionManagementException e) { } catch (TransactionManagementException e) {
String errorMsg = "Error occurred when saving the generated certificate"; String errorMsg = "Error occurred when saving the generated certificate";
log.error(errorMsg, e); log.error(errorMsg, e);
CertificateManagementDAOFactory.rollbackTransaction();
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();
} }
} }
@ -738,9 +735,8 @@ public class CertificateGenerator {
} catch (IOException e) { } catch (IOException e) {
throw new KeystoreException("CSR cannot be recovered.", e); throw new KeystoreException("CSR cannot be recovered.", e);
} }
X509Certificate signedCertificate = generateCertificateFromCSR(privateKeyCA, certificationRequest, return generateCertificateFromCSR(privateKeyCA, certificationRequest,
certCA.getIssuerX500Principal().getName()); certCA.getIssuerX500Principal().getName());
return signedCertificate;
} }
public static void extractCertificateDetails(byte[] certificateBytes, CertificateResponse certificateResponse) public static void extractCertificateDetails(byte[] certificateBytes, CertificateResponse certificateResponse)

@ -19,6 +19,7 @@ package org.wso2.carbon.certificate.mgt.core.impl;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException; import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory; import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse; import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
@ -41,17 +42,21 @@ public class KeyStoreReader {
private static final Log log = LogFactory.getLog(KeyStoreReader.class); private static final Log log = LogFactory.getLog(KeyStoreReader.class);
private KeyStore loadKeyStore(String configEntryKeyStoreType, String configEntryKeyStorePath, private CertificateDAO certDao;
String configEntryKeyStorePassword) throws KeystoreException {
InputStream inputStream = null; public KeyStoreReader() {
KeyStore keystore; this.certDao = CertificateManagementDAOFactory.getCertificateDAO();
}
private KeyStore loadKeyStore(
String configEntryKeyStoreType, String configEntryKeyStorePath,
String configEntryKeyStorePassword) throws KeystoreException {
InputStream is = null;
KeyStore keystore;
try { try {
keystore = KeyStore.getInstance(ConfigurationUtil.getConfigEntry(configEntryKeyStoreType)); keystore = KeyStore.getInstance(ConfigurationUtil.getConfigEntry(configEntryKeyStoreType));
inputStream = new FileInputStream(ConfigurationUtil.getConfigEntry(configEntryKeyStorePath)); is = new FileInputStream(ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
keystore.load(inputStream, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray()); keystore.load(is, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
} catch (KeyStoreException e) { } catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when loading KeyStore"; String errorMsg = "KeyStore issue occurred when loading KeyStore";
log.error(errorMsg, e); log.error(errorMsg, e);
@ -74,8 +79,8 @@ public class KeyStoreReader {
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} finally { } finally {
try { try {
if (inputStream != null) { if (is != null) {
inputStream.close(); is.close();
} }
} catch (IOException e) { } catch (IOException e) {
log.error("Error closing KeyStore input stream", e); log.error("Error closing KeyStore input stream", e);
@ -87,15 +92,11 @@ public class KeyStoreReader {
private synchronized void saveKeyStore(KeyStore keyStore, String configEntryKeyStorePath, private synchronized void saveKeyStore(KeyStore keyStore, String configEntryKeyStorePath,
String configEntryKeyStorePassword) throws KeystoreException { String configEntryKeyStorePassword) throws KeystoreException {
FileOutputStream os = null;
FileOutputStream outputStream = null;
try { try {
outputStream = new FileOutputStream( os = new FileOutputStream(
ConfigurationUtil.getConfigEntry(configEntryKeyStorePath)); ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
keyStore.store(outputStream, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray()); keyStore.store(os, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
outputStream.close();
} catch (KeyStoreException e) { } catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when loading KeyStore"; String errorMsg = "KeyStore issue occurred when loading KeyStore";
log.error(errorMsg, e); log.error(errorMsg, e);
@ -118,8 +119,8 @@ public class KeyStoreReader {
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} finally { } finally {
try { try {
if (outputStream != null) { if (os != null) {
outputStream.close(); os.close();
} }
} catch (IOException e) { } catch (IOException e) {
log.error("Error closing KeyStore output stream", e); log.error("Error closing KeyStore output stream", e);
@ -139,10 +140,8 @@ public class KeyStoreReader {
} }
public Certificate getCACertificate() throws KeystoreException { public Certificate getCACertificate() throws KeystoreException {
KeyStore keystore = loadCertificateKeyStore(); KeyStore keystore = loadCertificateKeyStore();
Certificate caCertificate; Certificate caCertificate;
try { try {
caCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS)); caCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS));
} catch (KeyStoreException e) { } catch (KeyStoreException e) {
@ -188,7 +187,6 @@ public class KeyStoreReader {
} }
public Certificate getRACertificate() throws KeystoreException { public Certificate getRACertificate() throws KeystoreException {
KeyStore keystore = loadCertificateKeyStore(); KeyStore keystore = loadCertificateKeyStore();
Certificate raCertificate; Certificate raCertificate;
try { try {
@ -207,12 +205,10 @@ public class KeyStoreReader {
} }
public Certificate getCertificateByAlias(String alias) throws KeystoreException { public Certificate getCertificateByAlias(String alias) throws KeystoreException {
Certificate raCertificate = null; Certificate raCertificate = null;
try { try {
CertificateManagementDAOFactory.openConnection(); CertificateManagementDAOFactory.openConnection();
CertificateResponse certificateResponse = CertificateManagementDAOFactory.getCertificateDAO(). CertificateResponse certificateResponse = certDao.retrieveCertificate(alias);
retrieveCertificate(alias);
if (certificateResponse != null) { if (certificateResponse != null) {
raCertificate = (Certificate) Serializer.deserialize(certificateResponse.getCertificate()); raCertificate = (Certificate) Serializer.deserialize(certificateResponse.getCertificate());
} }
@ -221,7 +217,7 @@ public class KeyStoreReader {
log.error(errorMsg, e); log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} catch (ClassNotFoundException | IOException e) { } catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error when deserializing saved certificate."; String errorMsg = "Error when de-serializing saved certificate.";
log.error(errorMsg, e); log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} catch (SQLException e) { } catch (SQLException e) {
@ -234,8 +230,7 @@ public class KeyStoreReader {
return raCertificate; return raCertificate;
} }
PrivateKey getRAPrivateKey() throws KeystoreException { public PrivateKey getRAPrivateKey() throws KeystoreException {
KeyStore keystore = loadCertificateKeyStore(); KeyStore keystore = loadCertificateKeyStore();
PrivateKey raPrivateKey; PrivateKey raPrivateKey;
try { try {
@ -264,12 +259,10 @@ public class KeyStoreReader {
} }
public CertificateResponse getCertificateBySerial(String serialNumber) throws KeystoreException { public CertificateResponse getCertificateBySerial(String serialNumber) throws KeystoreException {
CertificateResponse certificateResponse = null; CertificateResponse certificateResponse = null;
try { try {
CertificateManagementDAOFactory.openConnection(); CertificateManagementDAOFactory.openConnection();
certificateResponse = CertificateManagementDAOFactory.getCertificateDAO(). certificateResponse = certDao.retrieveCertificate(serialNumber);
retrieveCertificate(serialNumber);
if (certificateResponse != null && certificateResponse.getCertificate() != null) { if (certificateResponse != null && certificateResponse.getCertificate() != null) {
Certificate certificate = (Certificate) Serializer.deserialize(certificateResponse.getCertificate()); Certificate certificate = (Certificate) Serializer.deserialize(certificateResponse.getCertificate());
if (certificate instanceof X509Certificate) { if (certificate instanceof X509Certificate) {
@ -278,7 +271,6 @@ public class KeyStoreReader {
certificateResponse.setCommonName(commonName); certificateResponse.setCommonName(commonName);
} }
} }
} catch (CertificateManagementDAOException e) { } catch (CertificateManagementDAOException e) {
String errorMsg = "Error when retrieving certificate from the the database for the serial number: " + String errorMsg = "Error when retrieving certificate from the the database for the serial number: " +
serialNumber; serialNumber;
@ -289,7 +281,7 @@ public class KeyStoreReader {
log.error(errorMsg, e); log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} catch (ClassNotFoundException | IOException e) { } catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error when deserializing saved certificate."; String errorMsg = "Error when de-serializing saved certificate.";
log.error(errorMsg, e); log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e); throw new KeystoreException(errorMsg, e);
} finally { } finally {

@ -18,7 +18,7 @@
package org.wso2.carbon.certificate.mgt.core.service; package org.wso2.carbon.certificate.mgt.core.service;
import org.bouncycastle.pkcs.PKCS10CertificationRequest; import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException; import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse; import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse; import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
@ -47,8 +47,8 @@ public interface CertificateManagementService {
byte[] getPKIMessageSCEP(InputStream inputStream) throws KeystoreException; byte[] getPKIMessageSCEP(InputStream inputStream) throws KeystoreException;
X509Certificate generateCertificateFromCSR(PrivateKey privateKey, PKCS10CertificationRequest request, X509Certificate generateCertificateFromCSR(
String issueSubject) throws KeystoreException; PrivateKey privateKey, PKCS10CertificationRequest request, String issueSubject) throws KeystoreException;
Certificate getCertificateByAlias(String alias) throws KeystoreException; Certificate getCertificateByAlias(String alias) throws KeystoreException;
@ -71,13 +71,14 @@ public interface CertificateManagementService {
public X509Certificate pemToX509Certificate(String pem) throws KeystoreException; public X509Certificate pemToX509Certificate(String pem) throws KeystoreException;
public CertificateResponse retrieveCertificate(String serialNumber) throws CertificateManagementDAOException; public CertificateResponse retrieveCertificate(String serialNumber) throws CertificateManagementException;
public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementDAOException; public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementException;
boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException; boolean removeCertificate(String serialNumber) throws CertificateManagementException;
public List<CertificateResponse> getCertificates() throws CertificateManagementDAOException; public List<CertificateResponse> getCertificates() throws CertificateManagementException;
public List<CertificateResponse> searchCertificates(String serialNumber) throws CertificateManagementException;
public List<CertificateResponse> searchCertificates(String serialNumber) throws CertificateManagementDAOException;
} }

@ -25,6 +25,7 @@ import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOExceptio
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory; import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse; import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse; import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator; import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.impl.KeyStoreReader; import org.wso2.carbon.certificate.mgt.core.impl.KeyStoreReader;
@ -51,7 +52,6 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
} }
public static CertificateManagementServiceImpl getInstance() { public static CertificateManagementServiceImpl getInstance() {
if (certificateManagementServiceImpl == null) { if (certificateManagementServiceImpl == null) {
certificateManagementServiceImpl = new CertificateManagementServiceImpl(); certificateManagementServiceImpl = new CertificateManagementServiceImpl();
keyStoreReader = new KeyStoreReader(); keyStoreReader = new KeyStoreReader();
@ -106,7 +106,8 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
return certificateGenerator.verifyPEMSignature(requestCertificate); return certificateGenerator.verifyPEMSignature(requestCertificate);
} }
@Override public CertificateResponse verifySubjectDN(String requestDN) throws KeystoreException { @Override
public CertificateResponse verifySubjectDN(String requestDN) throws KeystoreException {
return certificateGenerator.verifyCertificateDN(requestDN); return certificateGenerator.verifyCertificateDN(requestDN);
} }
@ -135,39 +136,47 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
return certificateGenerator.pemToX509Certificate(pem); return certificateGenerator.pemToX509Certificate(pem);
} }
public CertificateResponse retrieveCertificate(String serialNumber) public CertificateResponse retrieveCertificate(String serialNumber) throws CertificateManagementException {
throws CertificateManagementDAOException {
CertificateDAO certificateDAO; CertificateDAO certificateDAO;
try { try {
CertificateManagementDAOFactory.openConnection(); CertificateManagementDAOFactory.openConnection();
certificateDAO = CertificateManagementDAOFactory.getCertificateDAO(); certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
return certificateDAO.retrieveCertificate(serialNumber); return certificateDAO.retrieveCertificate(serialNumber);
} catch (SQLException e) { } catch (SQLException e) {
String errorMsg = "Error when opening connection"; String msg = "Error occurred while opening a connection to the underlying data source";
log.error(errorMsg, e); log.error(msg, e);
throw new CertificateManagementDAOException(errorMsg, e); throw new CertificateManagementException(msg, e);
} catch (CertificateManagementDAOException e) {
String msg = "Error occurred while looking up for the certificate carrying the serial number '" +
serialNumber + "' in the underlying certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} finally { } finally {
CertificateManagementDAOFactory.closeConnection(); CertificateManagementDAOFactory.closeConnection();
} }
} }
public PaginationResult getAllCertificates(PaginationRequest request) public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementException {
throws CertificateManagementDAOException {
try { try {
CertificateManagementDAOFactory.openConnection(); CertificateManagementDAOFactory.openConnection();
CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO(); CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
return certificateDAO.getAllCertificates(request); return certificateDAO.getAllCertificates(request);
} catch (SQLException e) { } catch (SQLException e) {
String errorMsg = "Error when opening connection"; String msg = "Error occurred while opening a connection to the underlying data source";
log.error(errorMsg, e); log.error(msg, e);
throw new CertificateManagementDAOException(errorMsg, e); throw new CertificateManagementException(msg, e);
} catch (CertificateManagementDAOException e) {
String msg = "Error occurred while looking up for the list of certificates managed in the underlying " +
"certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} finally { } finally {
CertificateManagementDAOFactory.closeConnection(); CertificateManagementDAOFactory.closeConnection();
} }
} }
@Override @Override
public boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException { public boolean removeCertificate(String serialNumber) throws CertificateManagementException {
try { try {
CertificateManagementDAOFactory.beginTransaction(); CertificateManagementDAOFactory.beginTransaction();
CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO(); CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
@ -175,38 +184,53 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
CertificateManagementDAOFactory.commitTransaction(); CertificateManagementDAOFactory.commitTransaction();
return status; return status;
} catch (TransactionManagementException e) { } catch (TransactionManagementException e) {
String errorMsg = "Error when deleting"; String msg = "Error occurred while removing certificate carrying serial number '" + serialNumber + "'";
log.error(errorMsg, e); log.error(msg, e);
throw new CertificateManagementDAOException(errorMsg, e); throw new CertificateManagementException(msg, e);
} finally { } catch (CertificateManagementDAOException e) {
CertificateManagementDAOFactory.closeConnection(); CertificateManagementDAOFactory.rollbackTransaction();
String msg = "Error occurred while removing the certificate carrying serial number '" + serialNumber +
"' from the certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} }
} }
@Override @Override
public List<CertificateResponse> getCertificates() throws CertificateManagementDAOException { public List<CertificateResponse> getCertificates() throws CertificateManagementException {
try { try {
CertificateManagementDAOFactory.openConnection(); CertificateManagementDAOFactory.openConnection();
CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO(); CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
return certificateDAO.getAllCertificates(); return certificateDAO.getAllCertificates();
} catch (SQLException e) { } catch (SQLException e) {
String errorMsg = "Error when opening connection"; String msg = "Error occurred while opening a connection to the underlying data source";
log.error(errorMsg, e); log.error(msg, e);
throw new CertificateManagementDAOException(errorMsg, e); throw new CertificateManagementException(msg, e);
} catch (CertificateManagementDAOException e) {
String msg = "Error occurred while looking up for the list of certificates managed in the " +
"underlying certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} finally { } finally {
CertificateManagementDAOFactory.closeConnection(); CertificateManagementDAOFactory.closeConnection();
} }
} }
@Override public List<CertificateResponse> searchCertificates(String serialNumber) throws CertificateManagementDAOException { @Override
public List<CertificateResponse> searchCertificates(String serialNumber) throws CertificateManagementException {
try { try {
CertificateManagementDAOFactory.openConnection(); CertificateManagementDAOFactory.openConnection();
CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO(); CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
return certificateDAO.searchCertificate(serialNumber); return certificateDAO.searchCertificate(serialNumber);
} catch (SQLException e) { } catch (SQLException e) {
String errorMsg = "Error when opening connection"; String msg = "Error occurred while opening a connection to the underlying data source";
log.error(errorMsg, e); log.error(msg, e);
throw new CertificateManagementDAOException(errorMsg, e); throw new CertificateManagementException(msg, e);
} catch (CertificateManagementDAOException e) {
String msg = "Error occurred while searching for the list of certificates carrying the serial number '" +
serialNumber + "' in the underlying certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} finally { } finally {
CertificateManagementDAOFactory.closeConnection(); CertificateManagementDAOFactory.closeConnection();
} }

@ -209,14 +209,27 @@ public class OperationManagerImpl implements OperationManager {
throw new UnauthorizedDeviceAccessException("User '" + getUser() + "' is not authorized to " + throw new UnauthorizedDeviceAccessException("User '" + getUser() + "' is not authorized to " +
"fetch operations on device '" + deviceId.getId() + "'"); "fetch operations on device '" + deviceId.getId() + "'");
} }
try { } catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " +
this.getUser(), e);
}
try { try {
DeviceManagementDAOFactory.openConnection(); DeviceManagementDAOFactory.openConnection();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving metadata of '" +
deviceId.getType() + "' device carrying the identifier '" +
deviceId.getId() + "'");
} catch (SQLException e) {
throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e);
} finally { } finally {
DeviceManagementDAOFactory.closeConnection(); DeviceManagementDAOFactory.closeConnection();
} }
try {
if (enrolmentId < 0) { if (enrolmentId < 0) {
return null; return null;
} }
@ -233,20 +246,12 @@ public class OperationManagerImpl implements OperationManager {
throw new OperationManagementException("Error occurred while retrieving the list of " + throw new OperationManagementException("Error occurred while retrieving the list of " +
"operations assigned for '" + deviceId.getType() + "operations assigned for '" + deviceId.getType() +
"' device '" + deviceId.getId() + "'", e); "' device '" + deviceId.getId() + "'", e);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving metadata of '" +
deviceId.getType() + "' device carrying the identifier '" +
deviceId.getId() + "'");
} catch (SQLException e) { } catch (SQLException e) {
throw new OperationManagementException( throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e); "Error occurred while opening a connection to the data source", e);
} finally { } finally {
OperationManagementDAOFactory.closeConnection(); OperationManagementDAOFactory.closeConnection();
} }
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " +
this.getUser(), e);
}
return operations; return operations;
} }
@ -259,16 +264,31 @@ public class OperationManagerImpl implements OperationManager {
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (!isUserAuthorized) {
try { log.error("User : " + getUser() + " is not authorized to fetch operations on device : " +
deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " +
this.getUser(), e);
}
try { try {
DeviceManagementDAOFactory.openConnection(); DeviceManagementDAOFactory.openConnection();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId);
} catch (SQLException e) {
throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving metadata of '" +
deviceId.getType() + "' device carrying the identifier '" +
deviceId.getId() + "'");
} finally { } finally {
DeviceManagementDAOFactory.closeConnection(); DeviceManagementDAOFactory.closeConnection();
} }
try {
OperationManagementDAOFactory.openConnection(); OperationManagementDAOFactory.openConnection();
if (enrolmentId < 0) { if (enrolmentId < 0) {
throw new OperationManagementException("Device not found for given device " + throw new OperationManagementException("Device not found for given device " +
@ -290,23 +310,12 @@ public class OperationManagerImpl implements OperationManager {
throw new OperationManagementException("Error occurred while retrieving the list of " + throw new OperationManagementException("Error occurred while retrieving the list of " +
"operations assigned for '" + deviceId.getType() + "operations assigned for '" + deviceId.getType() +
"' device '" + deviceId.getId() + "'", e); "' device '" + deviceId.getId() + "'", e);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving metadata of '" +
deviceId.getType() + "' device carrying the identifier '" +
deviceId.getId() + "'");
} catch (SQLException e) { } catch (SQLException e) {
throw new OperationManagementException( throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e); "Error occurred while opening a connection to the data source", e);
} finally { } finally {
OperationManagementDAOFactory.closeConnection(); OperationManagementDAOFactory.closeConnection();
} }
} else {
log.info("User : " + getUser() + " is not authorized to fetch operations on device : " + deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " +
this.getUser(), e);
}
return paginationResult; return paginationResult;
} }
@ -323,15 +332,31 @@ public class OperationManagerImpl implements OperationManager {
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (!isUserAuthorized) {
try { log.error("User : " + getUser() + " is not authorized to fetch operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" +
this.getUser(), e);
}
try { try {
DeviceManagementDAOFactory.openConnection(); DeviceManagementDAOFactory.openConnection();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId);
} catch (SQLException e) {
throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving the device " +
"for device Identifier type -'" + deviceId.getType() +
"' and device Id '" + deviceId.getId() + "'", e);
} finally { } finally {
DeviceManagementDAOFactory.closeConnection(); DeviceManagementDAOFactory.closeConnection();
} }
try {
OperationManagementDAOFactory.openConnection(); OperationManagementDAOFactory.openConnection();
if (enrolmentId < 0) { if (enrolmentId < 0) {
throw new OperationManagementException("Device not found for the given device Identifier:" + throw new OperationManagementException("Device not found for the given device Identifier:" +
@ -356,24 +381,12 @@ public class OperationManagerImpl implements OperationManager {
throw new OperationManagementException("Error occurred while retrieving the list of " + throw new OperationManagementException("Error occurred while retrieving the list of " +
"pending operations assigned for '" + deviceId.getType() + "pending operations assigned for '" + deviceId.getType() +
"' device '" + deviceId.getId() + "'", e); "' device '" + deviceId.getId() + "'", e);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving the device " +
"for device Identifier type -'" + deviceId.getType() +
"' and device Id '" + deviceId.getId() + "'", e);
} catch (SQLException e) { } catch (SQLException e) {
throw new OperationManagementException( throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e); "Error occurred while opening a connection to the data source", e);
} finally { } finally {
OperationManagementDAOFactory.closeConnection(); OperationManagementDAOFactory.closeConnection();
} }
} else {
log.info("User : " + getUser() + " is not authorized to fetch operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" +
this.getUser(), e);
}
return operations; return operations;
} }
@ -387,15 +400,31 @@ public class OperationManagerImpl implements OperationManager {
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (!isUserAuthorized) {
try { log.error("User : " + getUser() + " is not authorized to fetch operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " +
this.getUser(), e);
}
try { try {
DeviceManagementDAOFactory.openConnection(); DeviceManagementDAOFactory.openConnection();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving the device " +
"for device Identifier type -'" + deviceId.getType() +
"' and device Id '" + deviceId.getId(), e);
} catch (SQLException e) {
throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e);
} finally { } finally {
DeviceManagementDAOFactory.closeConnection(); DeviceManagementDAOFactory.closeConnection();
} }
try {
OperationManagementDAOFactory.openConnection(); OperationManagementDAOFactory.openConnection();
if (enrolmentId < 0) { if (enrolmentId < 0) {
throw new OperationManagementException("Device not found for given device " + throw new OperationManagementException("Device not found for given device " +
@ -426,24 +455,12 @@ public class OperationManagerImpl implements OperationManager {
} }
} catch (OperationManagementDAOException e) { } catch (OperationManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving next pending operation", e); throw new OperationManagementException("Error occurred while retrieving next pending operation", e);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving the device " +
"for device Identifier type -'" + deviceId.getType() +
"' and device Id '" + deviceId.getId(), e);
} catch (SQLException e) { } catch (SQLException e) {
throw new OperationManagementException( throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e); "Error occurred while opening a connection to the data source", e);
} finally { } finally {
OperationManagementDAOFactory.closeConnection(); OperationManagementDAOFactory.closeConnection();
} }
} else {
log.info("User : " + getUser() + " is not authorized to fetch operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " +
this.getUser(), e);
}
return operation; return operation;
} }
@ -457,8 +474,15 @@ public class OperationManagerImpl implements OperationManager {
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (!isUserAuthorized) {
try { log.error("User : " + getUser() + " is not authorized to update operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" +
this.getUser(), e);
}
try { try {
DeviceManagementDAOFactory.openConnection(); DeviceManagementDAOFactory.openConnection();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
@ -466,9 +490,16 @@ public class OperationManagerImpl implements OperationManager {
} catch (SQLException e) { } catch (SQLException e) {
throw new OperationManagementException("Error occurred while opening a connection to the" + throw new OperationManagementException("Error occurred while opening a connection to the" +
" data source", e); " data source", e);
} catch (DeviceManagementDAOException e) {
OperationManagementDAOFactory.rollbackTransaction();
throw new OperationManagementException(
"Error occurred while fetching the device for device identifier: " + deviceId.getId() +
"type:" + deviceId.getType(), e);
} finally { } finally {
DeviceManagementDAOFactory.closeConnection(); DeviceManagementDAOFactory.closeConnection();
} }
try {
OperationManagementDAOFactory.beginTransaction(); OperationManagementDAOFactory.beginTransaction();
boolean isUpdated = false; boolean isUpdated = false;
if (operation.getStatus() != null) { if (operation.getStatus() != null) {
@ -485,24 +516,11 @@ public class OperationManagerImpl implements OperationManager {
throw new OperationManagementException( throw new OperationManagementException(
"Error occurred while updating the operation: " + operationId + " status:" + "Error occurred while updating the operation: " + operationId + " status:" +
operation.getStatus(), e); operation.getStatus(), e);
} catch (DeviceManagementDAOException e) {
OperationManagementDAOFactory.rollbackTransaction();
throw new OperationManagementException(
"Error occurred while fetching the device for device identifier: " + deviceId.getId() +
"type:" + deviceId.getType(), e);
} catch (TransactionManagementException e) { } catch (TransactionManagementException e) {
throw new OperationManagementException("Error occurred while initiating a transaction", e); throw new OperationManagementException("Error occurred while initiating a transaction", e);
} finally { } finally {
OperationManagementDAOFactory.closeConnection(); OperationManagementDAOFactory.closeConnection();
} }
} else {
log.info("User : " + getUser() + " is not authorized to update operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" +
this.getUser(), e);
}
} }
@Override @Override
@ -538,16 +556,31 @@ public class OperationManagerImpl implements OperationManager {
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (!isUserAuthorized) {
try { log.error("User : " + getUser() + " is not authorized to fetch operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" +
this.getUser(), e);
}
try { try {
DeviceManagementDAOFactory.openConnection(); DeviceManagementDAOFactory.openConnection();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving the device " +
"for device Identifier type -'" + deviceId.getType() +
"' and device Id '" + deviceId.getId() + "'", e);
} catch (SQLException e) {
throw new OperationManagementException("Error occurred while opening connection to the data source",
e);
} finally { } finally {
DeviceManagementDAOFactory.closeConnection(); DeviceManagementDAOFactory.closeConnection();
} }
try {
OperationManagementDAOFactory.openConnection(); OperationManagementDAOFactory.openConnection();
if (enrolmentId < 0) { if (enrolmentId < 0) {
throw new OperationManagementException("Device not found for given device identifier: " + throw new OperationManagementException("Device not found for given device identifier: " +
@ -582,24 +615,13 @@ public class OperationManagerImpl implements OperationManager {
throw new OperationManagementException("Error occurred while retrieving the list of " + throw new OperationManagementException("Error occurred while retrieving the list of " +
"operations assigned for '" + deviceId.getType() + "operations assigned for '" + deviceId.getType() +
"' device '" + deviceId.getId() + "'", e); "' device '" + deviceId.getId() + "'", e);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving the device " +
"for device Identifier type -'" + deviceId.getType() +
"' and device Id '" + deviceId.getId() + "'", e);
} catch (SQLException e) { } catch (SQLException e) {
throw new OperationManagementException("Error occurred while opening connection to the data source", throw new OperationManagementException("Error occurred while opening connection to the data source",
e); e);
} finally { } finally {
OperationManagementDAOFactory.closeConnection(); OperationManagementDAOFactory.closeConnection();
} }
} else {
log.info("User : " + getUser() + " is not authorized to fetch operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" +
this.getUser(), e);
}
return operation; return operation;
} }
@ -612,15 +634,31 @@ public class OperationManagerImpl implements OperationManager {
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (!isUserAuthorized) {
try { log.info("User : " + getUser() + " is not authorized to fetch operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" +
this.getUser(), e);
}
try { try {
DeviceManagementDAOFactory.openConnection(); DeviceManagementDAOFactory.openConnection();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving the device " +
"for device Identifier type -'" + deviceId.getType() +
"' and device Id '" + deviceId.getId(), e);
} catch (SQLException e) {
throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e);
} finally { } finally {
DeviceManagementDAOFactory.closeConnection(); DeviceManagementDAOFactory.closeConnection();
} }
try {
OperationManagementDAOFactory.openConnection(); OperationManagementDAOFactory.openConnection();
if (enrolmentId < 0) { if (enrolmentId < 0) {
@ -651,24 +689,12 @@ public class OperationManagerImpl implements OperationManager {
"operations assigned for '" + deviceId.getType() + "operations assigned for '" + deviceId.getType() +
"' device '" + "' device '" +
deviceId.getId() + "' and status:" + status.toString(), e); deviceId.getId() + "' and status:" + status.toString(), e);
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving the device " +
"for device Identifier type -'" + deviceId.getType() +
"' and device Id '" + deviceId.getId(), e);
} catch (SQLException e) { } catch (SQLException e) {
throw new OperationManagementException( throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e); "Error occurred while opening a connection to the data source", e);
} finally { } finally {
OperationManagementDAOFactory.closeConnection(); OperationManagementDAOFactory.closeConnection();
} }
} else {
log.info("User : " + getUser() + " is not authorized to fetch operations on device : "
+ deviceId.getId());
}
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" +
this.getUser(), e);
}
return operations; return operations;
} }
@ -809,7 +835,8 @@ public class OperationManagerImpl implements OperationManager {
} }
@Override @Override
public List<Activity> getActivitiesUpdatedAfter(long timestamp, int limit, int offset) throws OperationManagementException { public List<Activity> getActivitiesUpdatedAfter(long timestamp, int limit,
int offset) throws OperationManagementException {
try { try {
OperationManagementDAOFactory.openConnection(); OperationManagementDAOFactory.openConnection();
return operationDAO.getActivitiesUpdatedAfter(timestamp, limit, offset); return operationDAO.getActivitiesUpdatedAfter(timestamp, limit, offset);

@ -19,7 +19,6 @@
package org.wso2.carbon.device.mgt.core.search.util; package org.wso2.carbon.device.mgt.core.search.util;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.device.details.DeviceInfo; import org.wso2.carbon.device.mgt.common.device.details.DeviceInfo;
import org.wso2.carbon.device.mgt.common.device.details.DeviceLocation; import org.wso2.carbon.device.mgt.common.device.details.DeviceLocation;

@ -111,6 +111,14 @@
<groupId>org.wso2.carbon.analytics-common</groupId> <groupId>org.wso2.carbon.analytics-common</groupId>
<artifactId>org.wso2.carbon.event.output.adapter.core</artifactId> <artifactId>org.wso2.carbon.event.output.adapter.core</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.carbon.apimgt</groupId>
<artifactId>org.wso2.carbon.apimgt.api</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.apimgt</groupId>
<artifactId>org.wso2.carbon.apimgt.impl</artifactId>
</dependency>
</dependencies> </dependencies>
<build> <build>
@ -148,7 +156,8 @@
javax.xml.*;resolution:=optional, javax.xml.*;resolution:=optional,
org.apache.commons.lang, org.apache.commons.lang,
javax.ws.rs;version="0.0.0";resolution:=optional, javax.ws.rs;version="0.0.0";resolution:=optional,
org.scannotation org.scannotation,
org.scannotation.archiveiterator
</Import-Package> </Import-Package>
</instructions> </instructions>
</configuration> </configuration>

@ -38,11 +38,14 @@ import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.PathParam; import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam; import javax.ws.rs.QueryParam;
import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.lang.annotation.Annotation; import java.lang.annotation.Annotation;
import java.lang.reflect.InvocationHandler; import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method; import java.lang.reflect.Method;
import java.lang.reflect.Proxy; import java.lang.reflect.Proxy;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL; import java.net.URL;
import java.security.AccessController; import java.security.AccessController;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
@ -80,14 +83,13 @@ public class AnnotationProcessor {
* Scan the context for classes with annotations * Scan the context for classes with annotations
*/ */
public Set<String> scanStandardContext(String className) throws IOException { public Set<String> scanStandardContext(String className) throws IOException {
AnnotationDB db = new AnnotationDB(); ExtendedAnnotationDB db = new ExtendedAnnotationDB();
db.addIgnoredPackages(PACKAGE_ORG_APACHE); db.addIgnoredPackages(PACKAGE_ORG_APACHE);
db.addIgnoredPackages(PACKAGE_ORG_CODEHAUS); db.addIgnoredPackages(PACKAGE_ORG_CODEHAUS);
db.addIgnoredPackages(PACKAGE_ORG_SPRINGFRAMEWORK); db.addIgnoredPackages(PACKAGE_ORG_SPRINGFRAMEWORK);
URL[] libPath = WarUrlFinder.findWebInfLibClasspaths(servletContext);
URL classPath = WarUrlFinder.findWebInfClassesPath(servletContext); URL classPath = findWebInfClassesPath(servletContext);
URL[] urls = (URL[]) ArrayUtils.add(libPath, libPath.length, classPath); db.scanArchives(classPath);
db.scanArchives(urls);
//Returns a list of classes with given Annotation //Returns a list of classes with given Annotation
return db.getAnnotationIndex().get(className); return db.getAnnotationIndex().get(className);
@ -276,4 +278,28 @@ public class AnnotationProcessor {
return null; return null;
} }
} }
/**
* Find the URL pointing to "/WEB-INF/classes" This method may not work in conjunction with IteratorFactory
* if your servlet container does not extract the /WEB-INF/classes into a real file-based directory
*
* @param servletContext
* @return null if cannot determin /WEB-INF/classes
*/
public static URL findWebInfClassesPath(ServletContext servletContext)
{
String path = servletContext.getRealPath("/WEB-INF/classes");
if (path == null) return null;
File fp = new File(path);
if (fp.exists() == false) return null;
try
{
URI uri = fp.toURI();
return uri.toURL();
}
catch (MalformedURLException e)
{
throw new RuntimeException(e);
}
}
} }

@ -0,0 +1,92 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.device.mgt.extensions.feature.mgt.util;
import org.scannotation.AnnotationDB;
import org.scannotation.archiveiterator.Filter;
import org.scannotation.archiveiterator.StreamIterator;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
public class ExtendedAnnotationDB extends AnnotationDB {
public ExtendedAnnotationDB() {
super();
}
public void scanArchives(URL... urls) throws IOException {
URL[] arr$ = urls;
int len$ = urls.length;
for(int i$ = 0; i$ < len$; ++i$) {
URL url = arr$[i$];
Filter filter = new Filter() {
public boolean accepts(String filename) {
if(filename.endsWith(".class")) {
if(filename.startsWith("/") || filename.startsWith("\\")) {
filename = filename.substring(1);
}
if(!ExtendedAnnotationDB.this.ignoreScan(filename.replace('/', '.'))) {
return true;
}
}
return false;
}
};
StreamIterator it = ExtendedIteratorFactory.create(url, filter);
InputStream stream;
while((stream = it.next()) != null) {
this.scanClass(stream);
}
}
}
private boolean ignoreScan(String intf) {
String[] arr$;
int len$;
int i$;
String ignored;
if(this.scanPackages != null) {
arr$ = this.scanPackages;
len$ = arr$.length;
for(i$ = 0; i$ < len$; ++i$) {
ignored = arr$[i$];
if(intf.startsWith(ignored + ".")) {
return false;
}
}
return true;
} else {
arr$ = this.ignoredPackages;
len$ = arr$.length;
for(i$ = 0; i$ < len$; ++i$) {
ignored = arr$[i$];
if(intf.startsWith(ignored + ".")) {
return true;
}
}
return false;
}
}
}

@ -0,0 +1,34 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.device.mgt.extensions.feature.mgt.util;
import org.scannotation.archiveiterator.*;
import java.io.File;
import java.io.IOException;
import java.net.URL;
public class ExtendedFileProtocolIteratorFactory implements DirectoryIteratorFactory {
private static final String ENCODING_SCHEME = "UTF-8";
@Override
public StreamIterator create(URL url, Filter filter) throws IOException {
File f = new File(java.net.URLDecoder.decode(url.getPath(), ENCODING_SCHEME));
return f.isDirectory()?new FileIterator(f, filter):new JarIterator(url.openStream(), filter);
}
}

@ -0,0 +1,54 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.device.mgt.extensions.feature.mgt.util;
import org.scannotation.archiveiterator.DirectoryIteratorFactory;
import org.scannotation.archiveiterator.Filter;
import org.scannotation.archiveiterator.JarIterator;
import org.scannotation.archiveiterator.StreamIterator;
import java.io.IOException;
import java.net.URL;
import java.util.concurrent.ConcurrentHashMap;
public class ExtendedIteratorFactory {
private static final ConcurrentHashMap<String, DirectoryIteratorFactory> registry = new ConcurrentHashMap();
public static StreamIterator create(URL url, Filter filter) throws IOException {
String urlString = url.toString();
if(urlString.endsWith("!/")) {
urlString = urlString.substring(4);
urlString = urlString.substring(0, urlString.length() - 2);
url = new URL(urlString);
}
if(!urlString.endsWith("/")) {
return new JarIterator(url.openStream(), filter);
} else {
DirectoryIteratorFactory factory = registry.get(url.getProtocol());
if(factory == null) {
throw new IOException("Unable to scan directory of protocol: " + url.getProtocol());
} else {
return factory.create(url, filter);
}
}
}
static {
registry.put("file", new ExtendedFileProtocolIteratorFactory());
}
}

@ -16,7 +16,12 @@
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*/ */
var apiWrapperUtil = require("/app/modules/api-wrapper-util.js").apiWrapperUtil;
var tokenCookie = apiWrapperUtil.refreshToken(); /*
print(tokenCookie); @Deprecated - new
*/
// var apiWrapperUtil = require("/app/modules/api-wrapper-util.js").apiWrapperUtil;
// var tokenCookie = apiWrapperUtil.refreshToken();
// print(tokenCookie);
%> %>

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* *
* WSO2 Inc. licenses this file to you under the Apache License, * WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except * Version 2.0 (the "License"); you may not use this file except
@ -10,46 +10,126 @@
* *
* Unless required by applicable law or agreed to in writing, * Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an * software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* KIND, either express or implied. See the License for the * either express or implied. See the License for the
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*/ */
var apiWrapperUtil = function () { var apiWrapperUtil = function () {
var module = {}; var log = new Log("/app/modules/api-wrapper-util.js");
var tokenUtil = require("/app/modules/util.js").util;
var tokenUtil = require("/app/modules/util.js")["util"];
var constants = require("/app/modules/constants.js"); var constants = require("/app/modules/constants.js");
var devicemgtProps = require("/app/conf/reader/main.js")["conf"]; var devicemgtProps = require("/app/conf/reader/main.js")["conf"];
var log = new Log("/app/modules/api-wrapper-util.js");
module.refreshToken = function () { var privateMethods = {};
var tokenPair = session.get(constants.ACCESS_TOKEN_PAIR_IDENTIFIER); var publicMethods = {};
var clientData = session.get(constants.ENCODED_CLIENT_KEYS_IDENTIFIER);
tokenPair = tokenUtil.refreshToken(tokenPair, clientData); privateMethods.setUpEncodedTenantBasedClientCredentials = function (username) {
session.put(constants.ACCESS_TOKEN_PAIR_IDENTIFIER, tokenPair); if (!username) {
log.error("Could not set up encoded tenant based client credentials " +
"to session context. No username is found as input.");
} else {
var dynamicClientCredentials = tokenUtil.getDyanmicClientCredentials();
if (!dynamicClientCredentials) {
log.error("Could not set up encoded tenant based client credentials " +
"to session context as the server is unable to obtain dynamic client credentials.");
} else {
var jwtToken = tokenUtil.getTokenWithJWTGrantType(dynamicClientCredentials);
if (!jwtToken) {
log.error("Could not set up encoded tenant based client credentials " +
"to session context as the server is unable to obtain a jwt token.");
} else {
var tenantBasedClientCredentials = tokenUtil.getTenantBasedAppCredentials(username, jwtToken);
if (!tenantBasedClientCredentials) {
log.error("Could not set up encoded tenant based client credentials " +
"to session context as the server is unable to obtain such credentials.");
} else {
var encodedTenantBasedClientCredentials =
tokenUtil.encode(tenantBasedClientCredentials["clientId"] + ":" +
tenantBasedClientCredentials["clientSecret"]);
// setting up encoded tenant based client credentials to session context.
session.put(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"], encodedTenantBasedClientCredentials);
}
}
}
}
};
publicMethods.refreshToken = function () {
var accessTokenPair = parse(session.get(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"]));
// accessTokenPair includes current access token as well as current refresh token
var encodedClientCredentials = session.get(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"]);
if (!accessTokenPair || !encodedClientCredentials) {
log.error("Error in refreshing tokens. Either the access token pair, " +
"encoded client credentials or both input are not found under session context.");
} else {
var newAccessTokenPair = tokenUtil.refreshToken(accessTokenPair, encodedClientCredentials);
if (!newAccessTokenPair) {
log.error("Error in refreshing tokens. Unable to update " +
"session context with new access token pair.");
} else {
session.put(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"], stringify(newAccessTokenPair));
}
}
}; };
module.setupAccessTokenPair = function (type, properties) {
var tokenPair; publicMethods.setupAccessTokenPairByPasswordGrantType = function (username, password) {
var clientData = tokenUtil.getDyanmicCredentials(properties); if (!username || !password) {
var jwtToken = tokenUtil.getTokenWithJWTGrantType(clientData); log.error("Could not set up access token pair by password grant type. " +
clientData = tokenUtil.getTenantBasedAppCredentials(properties.username, jwtToken); "Either username, password or both are missing as input.");
var encodedClientKeys = tokenUtil.encode(clientData.clientId + ":" + clientData.clientSecret); } else {
session.put(constants.ENCODED_CLIENT_KEYS_IDENTIFIER, encodedClientKeys); privateMethods.setUpEncodedTenantBasedClientCredentials(username);
if (type == constants.GRANT_TYPE_PASSWORD) { var encodedClientCredentials = session.get(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"]);
var scopes = devicemgtProps.scopes; if (!encodedClientCredentials) {
var scope = ""; log.error("Could not set up access token pair by password grant type. " +
scopes.forEach(function(entry) { "Encoded client credentials are missing.");
scope += entry + " "; } else {
var accessTokenPair;
// accessTokenPair will include current access token as well as current refresh token
var arrayOfScopes = devicemgtProps["scopes"];
var stringOfScopes = "";
arrayOfScopes.forEach(function (entry) {
stringOfScopes += entry + " ";
}); });
tokenPair = accessTokenPair = tokenUtil.
tokenUtil.getTokenWithPasswordGrantType(properties.username, encodeURIComponent(properties.password), getTokenWithPasswordGrantType(username,
encodedClientKeys, scope); encodeURIComponent(password), encodedClientCredentials, stringOfScopes);
} else if (type == constants.GRANT_TYPE_SAML) { if (!accessTokenPair) {
tokenPair = tokenUtil. log.error("Could not set up access token pair by password grant type. Error in token retrieval.");
getTokenWithSAMLGrantType(properties.samlToken, encodedClientKeys, "PRODUCTION"); } else {
} // setting up access token pair into session context as a string
session.put(constants.ACCESS_TOKEN_PAIR_IDENTIFIER, tokenPair); session.put(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"], stringify(accessTokenPair));
}
}
}
}; };
return module;
publicMethods.setupAccessTokenPairBySamlGrantType = function (username, samlToken) {
if (!username || !samlToken) {
log.error("Could not set up access token pair by saml grant type. " +
"Either username, samlToken or both are missing as input.");
} else {
privateMethods.setUpEncodedTenantBasedClientCredentials(username);
var encodedClientCredentials = session.get(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"]);
if (!encodedClientCredentials) {
log.error("Could not set up access token pair by saml grant type. " +
"Encoded client credentials are missing.");
} else {
var accessTokenPair;
// accessTokenPair will include current access token as well as current refresh token
accessTokenPair = tokenUtil.
getTokenWithSAMLGrantType(samlToken, encodedClientCredentials, "PRODUCTION");
if (!accessTokenPair) {
log.error("Could not set up access token pair by password grant type. Error in token retrieval.");
} else {
// setting up access token pair into session context as a string
session.put(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"], stringify(accessTokenPair));
}
}
}
};
return publicMethods;
}(); }();

@ -41,7 +41,7 @@ var backendServiceInvoker = function () {
* If the token pair s not set in the session this will send a redirect to the login page. * If the token pair s not set in the session this will send a redirect to the login page.
*/ */
privateMethods.getAccessToken = function () { privateMethods.getAccessToken = function () {
var tokenPair = session.get(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"]); var tokenPair = parse(session.get(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"]));
if (tokenPair) { if (tokenPair) {
return tokenPair.accessToken; return tokenPair.accessToken;
} else { } else {

@ -31,4 +31,4 @@ var permissions = {
'/permission/admin/device-mgt/user': ['ui.execute'], '/permission/admin/device-mgt/user': ['ui.execute'],
'/permission/admin/manage/api/subscribe': ['ui.execute'] '/permission/admin/manage/api/subscribe': ['ui.execute']
}; };
userModule.addRole("internal/devicemgt-user", ["admin"], permissions); //userModule.addRole("internal/devicemgt-user", ["admin"], permissions);

@ -23,15 +23,12 @@ var onFail;
var log = new Log("/app/modules/login.js"); var log = new Log("/app/modules/login.js");
var constants = require("/app/modules/constants.js"); var constants = require("/app/modules/constants.js");
onSuccess = function (context) { onSuccess = function (context) {
var properties;
var utility = require("/app/modules/utility.js").utility; var utility = require("/app/modules/utility.js").utility;
var apiWrapperUtil = require("/app/modules/api-wrapper-util.js").apiWrapperUtil; var apiWrapperUtil = require("/app/modules/api-wrapper-util.js").apiWrapperUtil;
if (context.input.samlToken) { if (context.input.samlToken) {
properties = {samlToken: context.input.samlToken}; apiWrapperUtil.setupAccessTokenPairBySamlGrantType(context.input.username, context.input.samlToken);
apiWrapperUtil.setupAccessTokenPair(constants.GRANT_TYPE_SAML, properties);
} else { } else {
properties = {username: context.input.username, password: context.input.password}; apiWrapperUtil.setupAccessTokenPairByPasswordGrantType(context.input.username, context.input.password);
apiWrapperUtil.setupAccessTokenPair(constants.GRANT_TYPE_PASSWORD, properties);
} }
var devicemgtProps = require("/app/conf/reader/main.js")["conf"]; var devicemgtProps = require("/app/conf/reader/main.js")["conf"];
var carbonServer = require("carbon").server; var carbonServer = require("carbon").server;

@ -19,10 +19,6 @@
"url": "/api/user/*", "url": "/api/user/*",
"path": "/api/user-api.jag" "path": "/api/user-api.jag"
}, },
{
"url": "/token",
"path": "/api/token-api.jag"
},
{ {
"url": "/api/invoker/*", "url": "/api/invoker/*",
"path": "/api/invoker-api.jag" "path": "/api/invoker-api.jag"

@ -49,10 +49,10 @@
<artifactId>org.wso2.carbon.device.mgt.api.feature</artifactId> <artifactId>org.wso2.carbon.device.mgt.api.feature</artifactId>
<type>zip</type> <type>zip</type>
</dependency> </dependency>
<dependency> <!--<dependency>-->
<groupId>org.wso2.carbon.commons</groupId> <!--<groupId>org.wso2.carbon.commons</groupId>-->
<artifactId>org.wso2.carbon.email.verification</artifactId> <!--<artifactId>org.wso2.carbon.email.verification</artifactId>-->
</dependency> <!--</dependency>-->
</dependencies> </dependencies>
<build> <build>
@ -114,9 +114,9 @@
<bundleDef> <bundleDef>
org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.common:${carbon.device.mgt.version} org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.common:${carbon.device.mgt.version}
</bundleDef> </bundleDef>
<bundleDef> <!--<bundleDef>-->
org.wso2.carbon.commons:org.wso2.carbon.email.verification <!--org.wso2.carbon.commons:org.wso2.carbon.email.verification-->
</bundleDef> <!--</bundleDef>-->
<bundleDef> <bundleDef>
org.wso2.carbon.identity:org.wso2.carbon.identity.oauth.stub:${carbon.identity.version} org.wso2.carbon.identity:org.wso2.carbon.identity.oauth.stub:${carbon.identity.version}
</bundleDef> </bundleDef>

@ -757,11 +757,11 @@
<version>${axiom.wso2.version}</version> <version>${axiom.wso2.version}</version>
</dependency> </dependency>
<dependency> <!--<dependency>-->
<groupId>org.wso2.carbon.commons</groupId> <!--<groupId>org.wso2.carbon.commons</groupId>-->
<artifactId>org.wso2.carbon.email.verification</artifactId> <!--<artifactId>org.wso2.carbon.email.verification</artifactId>-->
<version>${carbon.commons.version}</version> <!--<version>${carbon.commons.version}</version>-->
</dependency> <!--</dependency>-->
<!-- API Management dependencies --> <!-- API Management dependencies -->
<dependency> <dependency>
@ -1739,7 +1739,7 @@
<properties> <properties>
<testng.version>6.1.1</testng.version> <testng.version>6.1.1</testng.version>
<carbon.kernel.version>4.4.3</carbon.kernel.version> <carbon.kernel.version>4.4.7</carbon.kernel.version>
<carbon.kernel.version.range>[4.4.0, 5.0.0)</carbon.kernel.version.range> <carbon.kernel.version.range>[4.4.0, 5.0.0)</carbon.kernel.version.range>
<carbon.p2.plugin.version>1.5.4</carbon.p2.plugin.version> <carbon.p2.plugin.version>1.5.4</carbon.p2.plugin.version>
<maven-buildnumber-plugin.version>1.3</maven-buildnumber-plugin.version> <maven-buildnumber-plugin.version>1.3</maven-buildnumber-plugin.version>
@ -1791,8 +1791,8 @@
<carbon.governance.version>4.5.8</carbon.governance.version> <carbon.governance.version>4.5.8</carbon.governance.version>
<!-- Axiom --> <!-- Axiom -->
<axiom.version>1.2.11-wso2v5</axiom.version> <axiom.version>1.2.11-wso2v11</axiom.version>
<axiom.osgi.version.range>[1.2.11.wso2v5, 1.3.0)</axiom.osgi.version.range> <axiom.osgi.version.range>[1.2.11, 1.3.0)</axiom.osgi.version.range>
<axiom.wso2.version>1.2.11.wso2v5</axiom.wso2.version> <axiom.wso2.version>1.2.11.wso2v5</axiom.wso2.version>
<!-- Carbon Device Management --> <!-- Carbon Device Management -->

Loading…
Cancel
Save